Total
6787 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-50384 | 1 Linux | 1 Linux Kernel | 2025-12-12 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: staging: vme_user: Fix possible UAF in tsi148_dma_list_add Smatch report warning as follows: drivers/staging/vme_user/vme_tsi148.c:1757 tsi148_dma_list_add() warn: '&entry->list' not removed from list In tsi148_dma_list_add(), the error path "goto err_dma" will not remove entry->list from list->entries, but entry will be freed, then list traversal may cause UAF. Fix by removeing it from list->entries before free(). | ||||
| CVE-2022-50386 | 1 Linux | 1 Linux Kernel | 2025-12-12 | 8.0 High |
| In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_zero() after calling __l2cap_get_chan_blah() to prevent the following trace: Bluetooth: l2cap_core.c:static void l2cap_chan_destroy(struct kref *kref) Bluetooth: chan 0000000023c4974d Bluetooth: parent 00000000ae861c08 ================================================================== BUG: KASAN: use-after-free in __mutex_waiter_is_first kernel/locking/mutex.c:191 [inline] BUG: KASAN: use-after-free in __mutex_lock_common kernel/locking/mutex.c:671 [inline] BUG: KASAN: use-after-free in __mutex_lock+0x278/0x400 kernel/locking/mutex.c:729 Read of size 8 at addr ffff888006a49b08 by task kworker/u3:2/389 | ||||
| CVE-2025-65955 | 1 Imagemagick | 1 Imagemagick | 2025-12-12 | 4.9 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34. | ||||
| CVE-2025-55308 | 2 Foxit, Microsoft | 2 Pdf Editor, Windows | 2025-12-12 | 6.7 Medium |
| An issue was discovered in Foxit PDF and Editor for Windows before 13.2 and 2025 before 2025.2. A crafted PDF containing JavaScript that calls closeDoc() while internal objects are still in use can cause premature release of these objects. This use-after-free vulnerability may lead to memory corruption, potentially resulting in information disclosure when the PDF is opened. | ||||
| CVE-2025-55309 | 3 Apple, Foxit, Microsoft | 3 Macos, Pdf Editor, Windows | 2025-12-12 | 6.7 Medium |
| An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can contain JavaScript that attaches an OnBlur action on a form field that destroys an annotation. During user right-click interaction, the program's internal focus change handling prematurely releases the annotation object, resulting in a use-after-free vulnerability that may cause memory corruption or application crashes. | ||||
| CVE-2025-65503 | 1 Redboltz | 1 Async Mqtt | 2025-12-11 | 7.5 High |
| Use after free in endpoint destructors in Redboltz async_mqtt 10.2.5 allows local users to cause a denial of service via triggering SSL initialization failure that results in incorrect destruction order between io_context and endpoint objects. | ||||
| CVE-2025-14326 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-12-11 | 9.8 Critical |
| Use-after-free in the Audio/Video: GMP component. This vulnerability affects Firefox < 146 and Thunderbird < 146. | ||||
| CVE-2025-14321 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-12-11 | 9.8 Critical |
| Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. | ||||
| CVE-2025-59238 | 1 Microsoft | 10 365, 365 Apps, Office and 7 more | 2025-12-11 | 7.8 High |
| Use after free in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59227 | 1 Microsoft | 12 365, 365 Apps, Office and 9 more | 2025-12-11 | 7.8 High |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59226 | 1 Microsoft | 6 365, 365 Apps, Office 2021 and 3 more | 2025-12-11 | 7.8 High |
| Use after free in Microsoft Office Visio allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59225 | 1 Microsoft | 12 365, 365 Apps, Excel and 9 more | 2025-12-11 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59224 | 1 Microsoft | 13 365, 365 Apps, Excel and 10 more | 2025-12-11 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59223 | 1 Microsoft | 13 365, 365 Apps, Excel and 10 more | 2025-12-11 | 7.8 High |
| Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59222 | 1 Microsoft | 15 365, 365 Apps, Office and 12 more | 2025-12-11 | 7.8 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59221 | 1 Microsoft | 15 365, 365 Apps, Office and 12 more | 2025-12-11 | 7 High |
| Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-59210 | 1 Microsoft | 8 Windows, Windows 11, Windows 11 24h2 and 5 more | 2025-12-11 | 7.4 High |
| Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability | ||||
| CVE-2025-59189 | 1 Microsoft | 8 Windows, Windows 11, Windows 11 24h2 and 5 more | 2025-12-11 | 7.4 High |
| Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2025-58738 | 1 Microsoft | 23 Windows, Windows 10, Windows 10 1507 and 20 more | 2025-12-11 | 7 High |
| Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-58737 | 1 Microsoft | 11 Remote Desktop, Windows, Windows Server and 8 more | 2025-12-11 | 7 High |
| Use after free in Windows Remote Desktop allows an unauthorized attacker to execute code locally. | ||||